General Esm W900
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Review: The Official Ubuntu Book - If you haven't used Linux before, are new to Ubuntu, or would like a quick update on the latest in open source advancements for the desktop, then The Official Ubuntu Book is a great place to start. Authored by a group of some of the most experienced open source administrators and developers, this 400-page user guide details everything you need to know about how to make the most of your Ubuntu, Kubuntu (Ubuntu with KDE), and Xubuntu (Ubuntu with Xfce) computer.

Review: Zabbix 1.8 Network Monitoring - If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone being tasked with implementing should have by their side.

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
(Jan 10)

Anyone who spends a lot of time working on a computer can speak volumes on the value of a change of scenery. Spending all of your time in the same chair in the same room can lead to a strong sense of monotony that can drive productivity into the ground.
Hacker used information on Facebook to steal nude pics from women's email accounts (Jan 14)

Computer hacker George Samuel Bronk, 23, of Citrus Heights California, pleaded guilty to seven felony charges which included hacking into e-mail accounts and Facebook accounts of women in 17 states and in England.
Wireshark updates address vulnerabilities (Jan 13)

The Wireshark development team has released version 1.2.14 and 1.4.3 of its open source, cross-platform network protocol analyser. According to the developers, the security updates address a high-risk vulnerability (CVE-2010-4538) that could allow a remote attacker to initiate a denial of service (DoS) attack or possibly execute arbitrary code on a victim's system.
(Jan 12)

NSS Labs, Inc., the leading independent security testing organization, today announced the release of its latest Network Intrusion Prevention System (IPS) Comparative Group Test Report for the fourth quarter of 2010.
Grade 8 boy hacks school system (Jan 11)

A Catholic school board has taken action after learning a young hacker in accessed confidential records, including provincial test scores. John Mackle, education director at the Peterborough Victoria Northumberland and Clarington Catholic District School Board, said the Grade 8 pupil at St. Anne's School in Peterborough's north end found his way -- via his laptop, a piece of downloaded software and the board's internal network -- into a board file server containing provincewide test results.
Anti-hacker 'app' offers added security (Jan 14)

Worried about someone ease dropping on your cell phone calls? Then try out a new mobile application called Kryptos. "It enables you to have conversations that are free from being intercepted by anybody," said Stephen Carnes, president of Kryptos Communications Inc.
Amazon cloud enables wireless hacks (Jan 10)

Amazon's web hosting business could be making it easier for hackers to steal information such as wireless passwords, according to a German security expert. Thomas Roth, a security consultant, told Reuters that he was using Amazon's cloud-based computer services to run wireless password hacking tools, with some success.
(Jan 12)

Amazon's cloud computing service has been used to break into a wireless network. But the company notes that its the security system itself that's the problem.
Hackers mock North Korea heir-apparent birthday boy (Jan 10)

Hackers compromised North Korean media profiles on Saturday to mock the country's heir apparent, Kim Jong Un, on his birthday. North Korea's YouTube channel was commandeered to post satirical footage depicting a caricature of Kim Jong Un at the wheel of a luxury sports car and out of control, mowing down women and children at the side of the road.
Spain grovels to penguins over 'Linux' anti-terror plot (Jan 13)

The Spanish Ministry of the Interior has expressed its regret that an international crackdown on IT masterminds inside the violent Basque separatist group ETA was dubbed "Operation Linux". Apparently, penguin-loving outfits are complaining that the antiterrorist operation sullies their good name.
(Jan 12)

The latest tests of crucial equipment used to protect Internet-facing corporate networks show they are improving but are far from perfect in stopping hacker attacks. IPS (Intrusion protection systems) are often the front-line guard at the door of the Internet and used to detect sophisticated attacks designed to steal information or execute fraud.
(Jan 12)

Earlier this month, researchers with Symantec's MessageLabs noted spam volumes had dropped dramatically as Rustock, the largest of the spam botnets, went quiet. Researchers aren't sure why this happened -- only that global spam levels dropped massively as a result. Not surprisingly as Rustock is responsible for 88 percent of all global spam.